The Send To Action feature in Netsparker Desktop allows you to integrate the web application security scanner with your issue tracking system, or source code management system. This integration allows you to import identified vulnerabilities as issues with just a few mouse clicks. It is possible to integrate Netsparker with the following systems:

Configuring the Netsparker Integration with JIRA

Open the Netsparker Desktop Options

Navigate to Netsparker Desktop options by clicking Options from the Tools drop down menu.

Click the Extensions tab in the bottom left corner of the options.

Click the Add+ button and select the system you would like to integrate Netsparker Desktop with. For this example, we'll select JIRA.

Specify the Connection Settings

Enter the mandatory connection details;

URL of JIRA setup

Username and Password

Project Key

the Issue Type

In the Vulnerability section you can specify the Body Template and Title format. Body templates are stored in "%userprofile%\Documents\Netsparker\Resources\Send To Templates" hence, to use your own custom templates store them in this location.

In the Optional settings you can specify:

to whom should the vulnerability be assigned

the reporter of the vulnerability

priority of the vulnerability

due date

Once you complete the required fields click Test to confirm that Netsparker Desktop can connect to the configured system. The below screenshot shows a connection test confirmation with JIRA.

Exporting Reported Vulnerabilities to Projects on JIRA

Now that the integration is ready, to export an identified vulnerability to JIRA just right click the reported vulnerability and select Send to JIRA. Below is a screenshot of the SQL Injection that was automatically exported to JIRA.

Integrating Netsparker with Other Systems

Take advantage of this easy to setup integration and integrate Netsparker web application security scanner with your bug tracking and code management systems to improve automation, thus allowing you to do more in a shorter time. And don't forget, if you use another system that is not listed above, or you would like to do any other sort of integration you can create a custom Send To Action.